IoT-Oriented Distributed Intrusion Detection Methods Using Intelligent Classification Algorithms in Spark

Abstract

With the rapid development and wide application of the 5G mobile communication and the explosive security threats of the Internet of things (IoT), distributed intrusion detection is one of the hot topics in the intrusion detection field of network security. The classification algorithm is a kind of the most representative and classical algorithms of artificial intelligence (AI), and it is an important technique for intrusion detection in order to distinguish the attack traffic from massive network data. In order to solve the problem to detect massive and complex network attack traffic in IoT, in this study, we propose the distributed intrusion detection framework and method using intelligent classification algorithms in Spark. We first introduce several mainstream classification algorithms provided by Spark. Second, the distributed intrusion detection procedure using intelligent classification algorithms is given. Next, the overall framework of the proposed model is built. Finally, a series of comparison experiments by the binary classification and quintuple classification in six evaluation indicators (i.e., recall, precision, F1-score, FNR, FPR, and ROC curve) indicate that the naive Bayes has a worse classification performance than that of other classification algorithms, and the classification effect in a cluster environment is almost the same as that in a stand-alone environment.